Stateful Inspection - Computer Definition
Also referred to as dynamic packet filtering. Check Point Software is credited with coining the term stateful inspection, which was used in the company’s 1993 FireWall-1. Today, stateful inspection is generally known as a firewall architecture that works at the network layer. Unlike static packet filtering, which examines a packet based only on the information in the packet header, stateful inspection tracks every connection traveling through all firewall network interfaces to make sure that each one is valid.
Moreover, a stateful inspection firewall looks at both the header information and the packet contents on all protocol layers, including the application layer, to ascertain more about the packet than merely its source and destination. A firewall with stateful inspection also monitors the connection state and records that data in a state table. Thus, filtering decisions are based not just on rules configured by the administrator (as is the case in static packet filtering) but also on context established by the packets that have previously passed through the firewall.
Jupitermedia Corporation. What is Stateful Inspection? [Online, August 18, 2003.] Jupitermedia Corporation Website. http://www.webopedia.com/TERM/S/stateful_inspection.html.
A firewall technology that ensures that all inbound packets are the result of an outbound request. Also called "stateful packet inspection" (SPI), it was designed to prevent harmful or unrequested packets from entering the computer. For example, if you click on a link to a Web page, an HTTP request is being made to a specific URL address. All packets coming back from that URL would pass the stateful inspection and be accepted. Every so many minutes, your e-mail program queries the mail server, and returning packets from that server are allowed.
Essential and Problematic
Stateful inspection is the norm and generally a major component in every network firewall and personal firewall. However, stateful inspection causes problems with videoconferencing and VoIP, in which a user outside the network wants to initiate a communication with a user inside the network. Various techniques are used to work around this (see STUN, UPnP and port forwarding). See firewall.
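The state-table behaviour described above, as an added example that is not part of the original definitions: a toy filter that admits inbound packets only when they mirror a recorded outbound flow, expires idle entries, and shows why an unsolicited VoIP call is dropped unless a port forward exists. The class and function names, the 192.168.1.0/24 inside network, the 300-second idle timeout and the sample packets are all assumptions made for the illustration; real firewalls also track TCP flags and sequence numbers, which this sketch omits.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

class StatefulFilter:
    """Toy state table: inbound traffic passes only as a reply to an outbound flow."""
    def __init__(self, inside="192.168.1.0/24", idle_timeout=300, forwards=()):
        self.inside = ipaddress.ip_network(inside)   # assumed protected network
        self.idle_timeout = idle_timeout      # seconds before an idle entry expires
        self.forwards = set(forwards)         # static (proto, dport) port-forward rules
        self.table = {}                       # outbound flow -> time last seen

    def check(self, pkt, now):
        # Expire idle entries first so stale state cannot admit late packets.
        self.table = {f: t for f, t in self.table.items() if now - t <= self.idle_timeout}
        if ipaddress.ip_address(pkt.src) in self.inside:
            self.table[pkt] = now             # outbound request creates or refreshes state
            return "accept-new"
        # An inbound packet is a reply if its mirrored 5-tuple is in the table.
        flow = Packet(pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.table:
            self.table[flow] = now
            return "accept-established"
        if (pkt.proto, pkt.dport) in self.forwards:
            return "accept-forward"           # administrator opted in to this service
        return "drop"

def demo():
    """Constructed packets (documentation address ranges) with explicit timestamps."""
    fw = StatefulFilter()
    web_out = Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 80)
    web_in = Packet("tcp", "203.0.113.5", 80, "192.168.1.10", 50000)
    wrong_port = Packet("tcp", "203.0.113.5", 80, "192.168.1.10", 50001)
    voip_in = Packet("udp", "198.51.100.7", 5060, "192.168.1.20", 5060)
    verdicts = [fw.check(web_out, 0), fw.check(web_in, 1), fw.check(wrong_port, 2),
                fw.check(voip_in, 3), fw.check(web_in, 1000)]
    forwarded = StatefulFilter(forwards=[("udp", 5060)]).check(voip_in, 0)
    return verdicts, forwarded

if __name__ == "__main__":
    print(demo())
```

The last verdict in the list is a drop because the reply arrives after the entry has idled out of the table, which is the same reason long-quiet connections can stall behind a stateful firewall.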